Lucene search
This script is Copyright (C) 2022-2024 and is owned by Tenable, Inc. or an Affiliate thereof.TENABLE_OT_EMERSON_CVE-2022-29962.NASLHistoryAug 04, 2022 - 12:00 a.m.
Emerson DeltaV Distributed Control System Use of Hard-Coded Credentials (CVE-2022-29962)
2022-08-0400:00:00
This script is Copyright (C) 2022-2024 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
28
5.7 Medium
AI Score
Confidence
High
The Emerson DeltaV Distributed Control System (DCS) controllers and IO cards through 2022-04-29 misuse passwords. FTP has hardcoded credentials (but may often be disabled in production). This affects S-series, P-series, and CIOC/EIOC nodes. NOTE: this is different from CVE-2014-2350.
- The Emerson DeltaV Distributed Control System (DCS) controllers and IO cards through 2022-04-29 misuse passwords. FTP has hardcoded credentials (but may often be disabled in production). This affects S-series, P-series, and CIOC/EIOC nodes. NOTE: this is different from CVE-2014-2350. (CVE-2022-29962)
This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information.
##
# (C) Tenable, Inc.
##
include('compat.inc');
if (description)
{
script_id(500696);
script_version("1.7");
script_set_attribute(attribute:"plugin_modification_date", value:"2024/03/04");
script_cve_id("CVE-2022-29962");
script_name(english:"Emerson DeltaV Distributed Control System Use of Hard-Coded Credentials (CVE-2022-29962)");
script_set_attribute(attribute:"synopsis", value:
"The remote OT asset is affected by a vulnerability.");
script_set_attribute(attribute:"description", value:
"The Emerson DeltaV Distributed Control System (DCS) controllers and IO cards through 2022-04-29 misuse passwords. FTP
has hardcoded credentials (but may often be disabled in production). This affects S-series, P-series, and CIOC/EIOC
nodes. NOTE: this is different from CVE-2014-2350.
- The Emerson DeltaV Distributed Control System (DCS) controllers and IO cards through 2022-04-29 misuse
passwords. FTP has hardcoded credentials (but may often be disabled in production). This affects S-series,
P-series, and CIOC/EIOC nodes. NOTE: this is different from CVE-2014-2350. (CVE-2022-29962)
This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information.");
script_set_attribute(attribute:"see_also", value:"https://www.forescout.com/blog/");
script_set_attribute(attribute:"see_also", value:"https://www.cisa.gov/uscert/ics/advisories/icsa-22-181-03");
script_set_attribute(attribute:"solution", value:
"The following text was originally created by the Cybersecurity and Infrastructure Security Agency (CISA). The original
can be found at CISA.gov.
Emerson has provided the following mitigations or workarounds:
Emerson has corrected CVE-2022-29965 in all currently supported versions of DeltaV. For additional mitigations and
preventative measures, please see the Emerson Guardian Support Portal (login required).
Emerson has mitigated CVE-2022-29962, CVE-2022-29963, and CVE-2022-29964 in all currently supported versions of DeltaV.
Please see the Emerson Guardian Support Portal (login required) for more information.
Emerson corrected the Firmware image verification vulnerability in Version 14.3 and mitigated it in all other versions.
Please see the Emerson Guardian Support Portal (login required) for more information.");
script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:S/C:C/I:N/A:N");
script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N");
script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2022-29962");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"exploit_available", value:"false");
script_cwe_id(798);
script_set_attribute(attribute:"vuln_publication_date", value:"2022/07/26");
script_set_attribute(attribute:"patch_publication_date", value:"2022/07/26");
script_set_attribute(attribute:"plugin_publication_date", value:"2022/08/04");
script_set_attribute(attribute:"plugin_type", value:"remote");
script_set_attribute(attribute:"cpe", value:"cpe:/o:emerson:deltav_distributed_control_system_sq_controller_firmware");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"Tenable.ot");
script_copyright(english:"This script is Copyright (C) 2022-2024 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("tenable_ot_api_integration.nasl");
script_require_keys("Tenable.ot/Emerson");
exit(0);
}
include('tenable_ot_cve_funcs.inc');
get_kb_item_or_exit('Tenable.ot/Emerson');
var asset = tenable_ot::assets::get(vendor:'Emerson');
var vuln_cpes = {
"cpe:/o:emerson:deltav_distributed_control_system_sq_controller_firmware" :
{"versionEndIncluding" : "2022-04-29", "family" : "SSeries"}
};
tenable_ot::cve::compare_and_report(asset:asset, cpes:vuln_cpes, severity:SECURITY_WARNING);
| Vendor | Product | Version | CPE |
|---|---|---|---|
| emerson | deltav_distributed_control_system_sq_controller_firmware | cpe:/o:emerson:deltav_distributed_control_system_sq_controller_firmware |
Related
nessus
nessus
prion
prion
Hardcoded credentials
2022-07-26 22:15:00
Code injection
2022-07-26 22:15:00
Hardcoded credentials
2022-07-26 22:15:00
cvelist
cvelist
ics
ics
Emerson DeltaV Distributed Control System
2022-07-14 12:00:00
Emerson DeltaV Vulnerabilities
2018-09-06 12:00:00
cve
cve
ptsecurity
ptsecurity
PT-2013-91: Hard-Coded Access Credentials in Emerson DeltaV
2013-03-10 00:00:00